Perkins on Privacy
Perkins on Privacy
Perkins on Privacy keeps you informed about the latest developments in privacy and data security law. Our insights are provided by Perkins Coie's Privacy & Security practice, recognized by Chambers as a leading firm in the field.
California’s Consumer Privacy Protection Agency Publishes First Set of Draft CPRA Regulations
Last week, the Consumer Privacy Protection Agency (Agency) Board rounded out the first half of 2022 by releasing draft California Privacy Rights Act (CPRA) regulations. This first set of CPRA regulations focus on updating existing California Consumer Privacy Act (CCPA) regulations to account for the new provisions of the CPRA and addressing specific areas such as Agency audits and enforcement.
FCC Requires Gateway Providers to Combat Foreign-Based Robocalls
The Federal Communications Commission recently adopted certain final rules, policies, and proposed rules to "stem the tide of foreign-originated illegal robocalls." The FCC Order targets so-called "gateway providers," which are U.S.-based intermediate providers that receive calls directly from a foreign provider or its U.S.-based facilities before transmitting the calls downstream.
China Releases the First National Standards on Privacy Policy for Public Comment
The National Information Security Standardization Technical Committee issued a draft of the new national standards on May 26, 2022. The new draft—Information Security Technology: Requirements of Privacy Policy of Internet Platforms, Products and Services—is available for public comment until July 25, 2022.
Getting the Right Fit: Biometric Privacy and the Apparel Industry
In recent years, apparel and retail businesses have increasingly sought to provide customers with options to interact with the brand's merchandise and services in virtual environments. This includes everything from virtual try-on to virtual stores in the metaverse.
Forthcoming Disclosure and Security Requirements for Institutions Hosting Federally Funded Research
National Security Presidential Memorandum-33 requires federal agencies to impose disclosure and security requirements as part of research and development grant programs.
2022 Cybersecurity Issues and Recommendations for ERISA Plan Fiduciaries
New cybersecurity developments and observations, including those relating to U.S. Department of Labor review of cybersecurity issues, warrant prompt consideration by plan fiduciaries, including those plans covered by HIPAA.
FTC Scrutinizing Ed Tech Providers and Endorsements
In its most recent open meeting, the Federal Trade Commission unanimously: (1) issued a Children's Online Privacy Protection Act policy statement directed at ed tech providers, and (2) proposed amendments to the Endorsement Guides, which address influencer advertising on social media and consumer reviews.
What’s Next for Privacy at the FTC Following the Confirmation of Alvaro Bedoya
Alvaro Bedoya has now been sworn in as a commissioner for the U.S. Federal Trade Commission. This restores a Democratic majority on the Commission and will enable the agency to move forward with the aggressive agenda of Chair Lina Khan. As a result, we can expect to see significant actions by the FTC on privacy and data security in the near term.
Growing Pains: New Self-Regulatory Framework for Teenage Privacy Proposed
The Better Business Bureau recently announced the launch of the TeenAge Privacy Program, which proposes a self-regulatory framework for companies to use in order to protect teen consumers and guide the responsible collection and management of teen data.
SEC Proposes New Cybersecurity Disclosure Rules on Incident Reporting, Risk Management, Strategy, and Governance
The U.S. Securities and Exchange Commission proposed rules that will require public disclosure not only of cybersecurity incidents, but also of aspects of public companies' preparedness for cyber threats.
FTC Chair Lina Khan Gives First Public Address Regarding Privacy
Federal Trade Commission Chair Lina Khan made her first speech about privacy at the opening of this year's International Association of Privacy Professionals conference. She noted ways the FTC is using its resources to "rein in" what she called "surveillance-based business models."
Enforcement Trends From China’s Cyberspace Regulator in 2022
China's internet watchdog, the Cyberspace Administration of China, has continued to tighten its regulation of internet industries and driven the formulation of many new laws and regulations in cybersecurity and data protection in China.
Answers to Common Questions Regarding New CIRCIA
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022. This follows increased reporting of cyber threats facing critical infrastructure sectors, particularly the energy sector.
Supreme Court Limits Federal Courts’ Jurisdiction to Enforce Arbitration Awards
A new U.S. Supreme Court decision holds that federal courts cannot enforce or vacate arbitration awards under Sections 9 and 10 of the Federal Arbitration Act unless they have an independent jurisdictional basis to consider the case.
Illinois Supreme Court Nixes Employer Biometric Privacy Defense
In the latest in a series of setbacks for employers facing claims under the Illinois Biometric Information Privacy Act, the Supreme Court of Illinois held last month that the Illinois Workers' Compensation Act does not preempt BIPA claims for statutory damages brought by employees. The decision in McDonald v. Symphony Bronzeville Park, LLC, et al.